Vulnerabilities > Typo3

DATE CVE VULNERABILITY TITLE RISK
2021-03-23 CVE-2021-21340 Cross-site Scripting vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3 CWE-79
5.4
5.4
2021-03-23 CVE-2021-21339 Unspecified vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3
7.5
7.5
2021-03-23 CVE-2021-21338 Unspecified vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3
6.1
6.1
2020-11-23 CVE-2020-26229 Unspecified vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
high complexity
typo3
3.7
3.7
2020-11-23 CVE-2020-26228 Unspecified vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3
7.5
7.5
2020-11-23 CVE-2020-26227 Unspecified vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3
6.1
6.1
2020-11-17 CVE-2020-26216 Unspecified vulnerability in Typo3 Fluid
TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting.
network
low complexity
typo3
6.1
6.1
2020-10-08 CVE-2020-15241 Cross-site Scripting vulnerability in Typo3 Fluid Engine and Typo3
TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional operator in templates like `{showFullName ? fullName : defaultValue}`.
network
low complexity
typo3 CWE-79
6.1
6.1
2020-07-29 CVE-2020-15099 Improper Input Validation vulnerability in Typo3
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic message authentication code (HMAC-SHA1) - either by using a different existing vulnerability or in case the internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a TYPO3 installation.
network
high complexity
typo3 CWE-20
8.1
8.1
2020-07-29 CVE-2020-15098 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Typo3
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, it has been discovered that an internal verification mechanism can be used to generate arbitrary checksums.
network
low complexity
typo3 CWE-327
8.8
8.8